Cannot collect execution logs when SSL secure communication is enabled.

Document ID : KB000008805
Last Modified Date : 14/02/2018
Show Technical Document Details

Unable to  collect execution logs from ROC when  Secure Communications is enabled between NES and NAC .

When collecting the logs there is a error displayed which looks like : 


Release Automation 6.4 and 6.5 with secure ssl communications setup between NAC and NES servers.

The configuration in step 19  from the procedure setting  Secure Communications  is not always loaded correctly.

Step 19:

Open the RA_HOME\conf\ file that you created when securing UI communication, and add the following lines:<plain text password for custom-truststore.jks>





You can resolve this in two way's.

Solution 1:

You can add  the certifcate from the NES to to Java default truststore cacerts . 

to do this run keytool in the RA_HOME directory. 

.\jre\bin\keytool -importcert -alias ra-nes1 -file nes1.crt -keystore jre/lib/security/cacerts -v -rfc 

The default password for cacerts is changeit.

Solution 2:

point the java runtime used by tomcat to the custom-truststore which contains the certificates from the NES  by adding the following 
startup parameters in RA_HOME$\bin\ file on Unix.<truststore-password> 

In windows you have to add this to the nolioserver settings in the registry using regedit.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Apache Software Foundation\Procrun 2.0\NolioServer20\Parameters\Java\Options 

or run from the RA_HOME directory:

.\bin\Tomcat8 //US//NolioServer20 ++JvmOptions ";<truststore-password>"

restart the nolio service.